﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;

public partial class infopassword : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["USERNAME"] == null)
        {
            Response.Redirect("error_log.aspx", true);
        }
        if (Session["IDENTITY"].Equals("employee") == true)
        {
            Response.Redirect("error_auth.aspx", true);
        }
       
    }
    protected void Button1_Click(object sender, EventArgs e)
    {

        string name = Session["USERNAME"].ToString();
        bool check = false;
        //用用户名在INFO_ENTER表中得到用户密码与用户输入的原密码对比,一致check=true否则还是false
        SqlConnection sc = new SqlConnection(ConfigurationManager.ConnectionStrings["wbkpt"].ConnectionString.ToString());
        sc.Open();
        SqlCommand com_check = new SqlCommand();
        com_check.Connection = sc;
        com_check.CommandText = "select ENTER_PASSWORD from INFO_ENTER where ENTER_NAME=@name";
        com_check.Parameters.AddWithValue("@name", name);
        object a = com_check.ExecuteScalar();
        string ori_psw = "";
        ori_psw = a.ToString();
        
        if (TextBox2.Text.Equals(TextBox3.Text) == true&&TextBox1.Text.Equals(ori_psw)==true)
            check = true;
        else check = false;
        //判断确认密码与新密码一致
        if (check == true)
        {//将新密码更新进INFO_ENTER表
            SqlCommand com_upate = new SqlCommand();
            com_upate.Connection = sc;
            com_upate.CommandText = "update INFO_ENTER set ENTER_PASSWORD=@psw where ENTER_NAME=@name";
            com_upate.Parameters.AddWithValue("@psw",TextBox2.Text);
            com_upate.Parameters.AddWithValue("@name",name);
            while (Application["sqllock"] == "lock")
            {
                System.Threading.Thread.Sleep(2000);
            }
            Application["sqllock"] = "lock";
            if (com_upate.ExecuteNonQuery() == 1)
            {
                Application["sqllock"] = "unlock";
                Page.RegisterStartupScript("ss", "<script>alert('成功修改密码！')</script>");
                return;
            }
            else
            {
                Application["sqllock"] = "unlock";
                Page.RegisterStartupScript("ss", "<script>alert('数据库异常，请重试！')</script>");
                return;
            }
        }
        else
        {
            Response.Write("<script language=\"javascript\" type=\"text/javascript\">alert('原密码有误或新密码不正确，请确认后重试！');</script>");
        }
    }
}